<?php
include("../../tools/session.php");

// 如果登录成功
if ($is_login_success === true)
{
?>
<?php
   // 获取方式:by（通过什么，公司？部门？职位？办公室？组？）
   // 公司:c, 部门:s, 职位:p, 办公室:o, 组:g
   $by = $_GET["by"];
   // 获取方式值:v
   $bv = $_GET["bv"];
   if ((!$by) || ($bv==""))
	 {
		echo "您未传入参数！";
		exit();
	 }
   
   include("../../tools/mysql.php");
   db_connect();
   
   $sql_str = "";
   switch($by)
	 {
	  case "c":
		$sql_str = " company_id=" . $bv . " ";
		break;
	  case "s":
		$sql_str = " section_id=" . $bv . " ";
		break;
	  case "p":
		$sql_str = " position_id=" . $bv . " ";
		break;
	  case "o":
		$sql_str = " office_id=" . $bv . " ";
		break;
	  case "g":
		$sql_str = " group_id=" . $bv . " ";
		break;
	  default:
		$sql_str = " position_id= " . $bv . " ";
	 }
   
   $sql = "SELECT id, username, job_num, register_time FROM view_user WHERE " . $sql_str;
   $re = db_query($sql);
   
   header("content-type: text/xml");
   echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
   echo "<users>\n";
   echo "<type>" . $by . "</type>\n";
   echo "<type_value>" . $bv . "</type_value>\n";
   foreach ($re as $v)
	 {
		echo "<user id=\"" . $v["id"] . "\" name=\"" . $v["username"] . "\" job_num=\"" . $v["job_num"] . "\" is_master=\"0\" reg_time=\"" . $v["register_time"] . "\" />\n";
	 }
   echo "</users>\n";
?>
<?php
}
// 如果登录失败或还未登录
else
{
   session_hop_page("../index.php");
   exit();
}
	  
?>
